- BIP39 passphrase does not encrypt, it is an extension of the seed phrase. All BIP39 seed phrases have an empty ("") passphrase by default, and you can choose to extend that.
I think that technically, BIP39 uses the word "mnemonic" as the default salt. Then we can add an optional passphrase which will be appended to the word "mnemonic". So, not adding a passphrase will lead to parsing 12 words (seedphrase) + "mnemonic" (salt) from the PBKDF2 algorithm. If we added a passphrase, it would lead to parsing 12 words (seedphrase) + "mnemonic" + "secret passphrase" from the PBKDF2 algorithm. |
|
|
|
MESSAGEuser: apogio
date: 20240411
address: 1B2eQ2wFZ5tQZFdRP2zaMh5dK3WyhEo2cS
message: this address will be used explicitly for bitcointalk
1B2eQ2wFZ5tQZFdRP2zaMh5dK3WyhEo2cS
IHRb6azE/RC0IkVlHXbVC4ebDTe8CidJceD7iL3jaPgyMRB6N7YrijrhGj3fP1k+V3+nNDWqvoH/4xHzBUvoQsk=
|
|
|
|
Well, can you stop the rich people and institutional investors from buying BTC? The obvious answer is no.
In fact, you shouldn't be able to stop any person on this planet from buying BTC. My post is not just a fancy "bitcoin for the masses" post. What I mean is, one of the major problems in the current financial system that we live in, is the fact that money isn't accessible to everyone. Yes, most people have access to a bank, but banks don't operate the same way throughout the whole planet. It's different to own a savings account in Sweden, than in Pakistan, than in China, or in Canada. Bitcoin, on the hand, works the same, wherever you are. |
|
|
|
Sure, but you cannot control what someone does with their newly acquired money...
So if someone gets "tainted" money from you and deposits it in a CEX/bank (some people want to liquidate BTC for fiat, or buy instantly BTC with fiat), then you should expect a call.
But, how will anyone know who I am. Perhaps you mean if I buy something online. Well in that case, I will just lead the "interrogators" to the address that sent them to me. In general, if we buy the whole "tainted bitcoin" idea, then we deserve the strict banking system that we currently have! |
|
|
|
As soon as that "tainted" banknote enters the banking system, you're fucked. They will freeze the money and the police will interrogate you where you got it from.
It's the same thing with satoshis (each one has a serial number based on the order in which it was mined, that's how Ordinal NFTs are created). BTC is electronic cash (which has pros and cons).
Tainted banknotes are like a hot potato. The last person who gets them and decides to deposit them in a bank is royally fucked.
This argument actually strengthens my opinion that cash and bitcoin are both fungible. If you are afraid, the solution is super simple: (1) Don't deposit the cash in a bank, just use it to buy something. (2) Don't send your BTC to a CEX, just use it to buy something. Well in fact: (a) Self-custody your bitcoin. (b) Use it as it's supposed to be used, as a cash system.
Just to make some fun, I hereby volunteer to accept any coins anybody thinks are "tainted". If anyone is desperate to get rid of them, I am here. That's a joke obviously, in case anyone is super sensitive and gets mad about it 
|
|
|
|
Of course you can join, you're always welcome! Don't you want to take a second spot?  Absolutely! 90 please ! |
|
|
|
|
I don't know if I can participate, since I won the 5th one, but if I can, I want 89 please!
|
|
|
|
Initially, Bitcoin coins do not have the property of identity and fungibility.
Not true. Bitcoin is fungible just like cash is. If I give you $100 in cash and you give me $100 in cash, then the only thing we both need to do is to make sure the dollar bills aren't fake. If they are both legit, then we are exactly where we started from. If I give you $100 in BTC and you give me $100 in BTC, then the only thing we both need to do it to make sure the BTC is legit. Luckily, bitcoin does that on its own after some block confirmations. So we just need to wait a little. |
|
|
|
I think the issue is less about reinventing the wheel and more about knowing what you're doing and guarding against potential attack vectors. If you thoroughly understand and guard against what's potentially a threat, then I don't see how it would be bad since majority of them are a direct result of human error. Not trusting BIP39 is okay, or using GPG to encrypt every single WIF private key is fine too, but it's just a less efficient way and one that doesn't make much sense given the alternatives that we have.
The main issue is that it's very difficult to use the keys if you need to. Theoretically, if you have X key-pairs, you need to have X separate files. So, if you needed to decrypt one private key and spend from it, the other ones wouldn't be decrypted. I don't think it comes too handy though. Imagine that you need to: 1. plug in the external HDD. 2. transfer the encrypted file to your machine. 3. gpg decrypt the file. (if your GPG keys aren't on the machine, then it requires more steps). 4. open the file in a notepad and copy the WIF. 5. open electrum or sparrow and sweep the private key to a wallet. I dislike this approach. |
|
|
|
What is there to not trust about a hardware wallet whose schemata, PCB designs and firmware are all publicly available and open source? That would be equivalent to a software wallet being open source in terms of checking the code.
It does require you to go out and learn a few things about circuit board design, but isn't that the case with learning a new programming language as well? In my opinion, it is worth going out to learn about those things since a special-purpose hardware wallet is more secure than even a secure software running on a generic computer.
Yeah I don't even doubt that. I totally agree. Here is the discussion we had in the forum last year: https://bitcointalk.org/index.php?topic=5432665.0 I am just pointing out for newer members or members who may have missed it. It's a good reading. |
|
|
|
Excellent job! The end result was very beautiful.
It is true that the winning images helped this result. But this is without a doubt a great result.
Thank you for your support.
joker_josue thanks for the contest and your effort. It was really fun, participating in this event. I think I forgot to thank you earlier. Looking forward to the next one, when I hope we will have even more participants. |
|
|
|
We need to be careful about reinventing the wheel, as this friend of yours could create so much complexity and end up losing the password for the encrypted file, not losing/corrupting media such as SD cards, pen drives, etc. Diversify this backup as much as possible by producing several copies, and most importantly, store this decryption password in a safe place so that it will later be remembered where it was stored.
Yes I agree with you. In fact, not trusting BIP39 is fine. What's not fine, is trying to manually override BIP39 with other types of backups, which are custom implementations. The problem with this is that even people who have higher expertise than us, can lose money this way. This was the case with Luke Dashjr, he used the exact same backup method. Ok, yeah, Luke is a controversial figure, having stated that he doesn't trust hardware devices etc, but in my opinion, it's a good example of the "don't reinvent the wheel" narrative. |
|
|
|
@Mia Chloe @Amphenomenon @apogio small update to your gents regarding your Icarus cards it took some time, but we wanted to deliver you the perfect result and finally it is ready. below you can see all 3 cards (front) with the respective serial - what the back will look like, just let us surprise you  the cards will be sent to you at the end of next week. to make sure this happens i still need the shipping addresses from @Mia Chloe and @Amphenomenon Impeccable! Thank you cygan! I am ready to be surprised, can't wait! I also love how Mia Chloe's card looks, being vertical! Again, thanks for the whole event and all your efforts. |
|
|
|
That's also all assuming they're using the symmetric encryption option with gpg --symmetric command not the one using the GPG keys which are big themselves (512 and 1024 bits) and require another separate backup, which would be another flaw/complication in their method.
Definitely. I think I have mentioned it above, that he uses symmetric encryption. However, the passphrase needs to be a strong one, so I reckon that he must have a backup of the passphrase as well. That is to say that the separate backup is mandatory either way. But lets not forget that OpenPGP is not an encryption algorithm although they have defined a way to encrypt stuff with it. This is while AES256 (what is used in BIP38) is an encryption algorithm.
The default --cipher-algo for gpg --symmetric is AES256, isn't it? |
|
|
|
Πάντως το ότι ο Szabo μάλλον είναι ο Satoshi είναι το τελευταίο στοιχείο που θα λάμβανα υπόψιν για να επιβεβαιώσω πως ο Craig δεν είναι ο Satoshi. Δηλαδή, και ψυχολογικά και μόνο να το πάρεις, δε μπορεί ο Satoshi να είναι ένας τέτοιος νάρκισσος που απαιτεί να του δώσουμε εκατομμύρια coins χωρίς τις κατάλληλες υπογραφές. Χωρίς καν να ελέγξεις τις αμέτρητες φορές που έχει παρουσιάσει πλαστογραφημένα έγγραφα ή ότι δεν ξέρει προγραμματισμό για αρχάριους, φαίνεται από τις προθέσεις του κι από αυτά που λέει ότι δεν είναι αυτός.
Aκριβώς σε αυτό επικεντρώνομαι κι εγώ λέγοντας ότι το sentiment analysis θα έδειχνε χαοτική διαφορά ανάμεσα στο CSW και το Satoshi. Αλλά εννοείται, είναι ανεξάρτητο αυτό με το αν ο Satoshi είναι ο Szabo. Το μόνο σίγουρο, και το λέω ειλικρινά, είναι ότι κουράστηκα να συζητάω ποιος είναι satoshi. Ο satoshi είναι κάποιος που δεν θέλει να τον ξέρουμε, παρά μόνο ως ψηφιακή περσόνα. Οπότε, θα προσπαθήσω να σεβαστώ την επιθυμία του και να μην τον ξανασυζητήσω. |
|
|
|
Δεν νομίζω ότι υπάρχει ισχυρότερο επιχείρημα από αυτό. Κι εγώ σ' αυτό βασίζομαι κυρίως. Κάποιος μπορεί να ξανακάνει την έρευνα με νέα inputs (emails με τον Sirius). Δε θέλω να συμμετάσχω σε αυτό, αλλά φαντάζομαι όλο και κάποιος θα το ξαναφέρει στην επιφάνεια, και θα (ξανα)επιβεβαιώσει πως είναι αυτός. Θα ήταν εξαιρετικά ενδιαφέρον να εφαρμοζόταν και sentiment analysis στο λόγο του satoshi και το szabo. Εκεί θεωρώ είναι το ζουμί. Αν μη τι άλλο, αυτό θα ενίσχυε ακόμα περισσότερο και την άποψη (επίσημη δικαστική απόφαση) ότι ο CSW δεν είναι ο satoshi. Η διαφορά στο sentiment του λόγου του CSW με αυτόν του satoshi είναι τεράστια. |
|
|
|
Ότι με ανάλυση κειμένου βγαίνει ο πιο ύποπτος (με πιθανότητα ~99.9% κυριολεκτικά παρακαλώ); Δεν νομίζω ότι υπάρχει ισχυρότερο επιχείρημα από αυτό. Μπορείς να το αμφισβητήσεις λέγοντας ότι μπορεί να υπάρχει κι άλλος άγνωστος άνθρωπος με μεγαλύτερη ομοιότητα (αν γίνεται), αλλά και πάλι, δεν μπορείς να αμφισβητήσεις ότι η ομοιότητα του szabo με τον satoshi είναι τόσο μεγάλη, εφόσον υπάρχει αποδεικτική έρευνα. Μπορείς να αμφισβητήσεις την έρευνα φυσικά, αλλά, το καλό με την έρευνα είναι ότι θέλει επιστημονικά τεκμηρια για να την αντικρούσεις. |
|
|
|
I see some contradictions here.
1. BIP39 is offering a way to write down your hard to write WIFs in form of a human readable set of words. In other words it is difficult to write down 5KdD6mE.... but it is easy to write down Foo Bar Baz...
Sure, I think we all agree on that. By the way, since you mentioned it, I believe 2 separate pieces of paper stored in different locations is one of the safest backup methods. The only thing you need to do is to find secure locations and to health check the backups. 4. Someone who is "knowledgeable in Bitcoin" and familiar with BIP39 should be also familiar with BIP39-1 (BIP38) that describes a solid method of encrypting WIFs using AES encryption that is far better than using GPG specially since it is supported by most bitcoin wallets already whereas GPG is not and requires additional software.
Well this argument is strong, but in my opinion, knowing about GPG and having GPG on a Linux machine is really important for privacy and I reckon most bitcoiners should be familiar with it. Of course, it's not mandatory but it is more than just a "nice to have". |
|
|
|
So he says he doesn't want to use an optional mnemonic passphrase, but he needs a decent and secure passphrase for his PGP encryption, not? Or how does he protect his PGP private key? As far as I remember, it's protected by some passphrase... and this passphrase needs to be properly stored and saved, too.
Don't tell me he has this PGP protection passphrase only in his head. That's a recipe for later desaster, sooner or later, doesn't matter, desaster will strike.
His system provides the same security with a 2-of-2 multi-sig, but it adds extra complexity. In his system, he needs both the GPG private key and the encrypted data to spend coins, just as you need two seed phrases to spend from a 2-of-2 multi-sig. The difference is that two seed phrases are much more flexible and easier to store than the other. He can only store his data digitally, where you can store a 2-of-2 multi-sig practically everywhere.
That's exactly my point. Essentialy in terms of protection, I prefer multisig because I can sign with 2 cosigners that can be anywhere on this planet, without ever getting the cosigners together. As far as storing anything in our heads is concerned, that's terrible. Without even thinking about bitcoin, I have had a relative who suffered from dementia, so she couldn't recognise me, so I wouldn't expect her to remember a strong passphrase. In a completely symmetrical way, I would never rely on my brain for anything other than generating ideas. |
|
|
|
|
Show Posts
